This archive contains all of the 144 exploits added to Packet Storm in April, 2016.
46809635d72c7b71ba1c6adeb489358856e971e4047c326fb8e8efa12d733e36Observium version 0.16.7533 suffers from code execution and cross site request forgery vulnerabilities.
2359c07b1bd62ab882e442b19908fa49ee5d76e0f485673bc1f79ac54b6ccf30Observium version 0.16.7533 suffers from a cross site request forgery vulnerability.
4198f71dabd0d94dfbaba0c5817ddef7ef67bdaea792ebd8df049f7971bceca1This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed via method: prefix when Dynamic Method Invocation is enabled.
39285e2ede3a389887f3e8ccc69a2f47104f97406d3bfc7a832a9a1fa422a408GLPI version 0.90.2 suffers from a remote SQL injection vulnerability.
0a52a7fa8c4afcded04b0fa0b0ab812aee4b472f7d4fb50e3c3e6e43d1e28060Mozilla continues to ship Firefox and Thunderbird for Windows with a vulnerable executable installer.
42d80c8c079b60b4bc65a4b8b6eb7f5a8513451ea130ab38f10dc017a6e5a274WordPress Truemag theme from 2016 Q2 suffers from a cross site scripting vulnerability.
535e6b5cc0dcbbce54a286927067ea524876c67bce5639075551768ebdf0a155An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex() and getFromName() methods of ZipArchive, resulting in a heap overflow. Full exploit included.
e8c95e113360c07e5f57ee1a402ad502f85525d7f354dd5b76ad74e45439655dA Microsoft Windows kernel crash exists in the win32k.sys driver while processing a corrupted TTF font file.
20e2a865b13b1b14dde608971f4405d9d26b6e13cce289f692f5aa53d27dd8b7If an application sends a one way binder transaction the service tries to send a reply which fails. This causes the service manager to exit its binder loop and the process dies causing the system to reboot. Tested on Android version 6.0.1 February patches.
24774ca1e49bd4db1b9ed63ebb744a6f55a49da06db379a0c1076409bd39b4c2This is a SUID, SIP, and binary entitlements universal OS X local privilege escalation exploit.
49924fa08f8b101fdbdbfba6d5e985f619bd430e2fafdbe9548a078782bb9339EMC ViPR SRM versions prior to 3.7 suffer from a cross site request forgery vulnerability.
937f63577c3fcb4a53eaee2b489e94d280b7edee85b27ac120b653f7667e8d0fAWS appears to suffer from a CAPTCHA bypass vulnerability.
2955e115e77880713afefd1475e050fa22bdfa2f21da64a85676517555945dc6Voo branded Netgear CG3700b custom firmware version 2.02.03 suffers from cross site request forgery and insufficient authentication vulnerabilities.
f2bfc41c1d1c5ce03e952d1ce938bc3be05839005ba5499d8e7a71df4a8182a6The CSRSS BaseSrv RPC call BaseSrvCheckVDM allows you to create a new process with the anonymous token, which results on a new process in session 0 which can be abused to elevate privileges.
f24c7d593d547e23379c3440dbf5f7f452e40b8133e8dd3211fa702220bba978RomPager versions 4.34 and below router authentication remover exploit.
38645aa2c86dfa0cb64d4619e5778ca2411cb0f863d9768a0f6f53af705c2c8eSophos XG Firewall (SF01V) suffers from a cross site scripting vulnerability.
d40c538cdcd71b7e182b19515a9c3cc792fcb182d52b84a21cdcea81b967c2baTrend Micro's website suffered from an email spoofing vulnerability.
e036a8a755636cc38be306245627af052b92cd4305af973b466af3b9e30bb747Oracle Discoverer Viewer BI suffered from an open redirection vulnerability.
e23c0a5e2dc5af6727a12408ff49391c3f3651447979dec521f61fe2e285dff3VoipNow version 4.0.1 suffers from script insertion vulnerabilities.
03f60bcbb2e812664fd02e7f5aad5865f9811f053e4ea7cae9e0ac16d08eb954A vulnerability exists for Gemtek CPE7000 model ID WLTCS-106 exposing Iperf tool to unauthenticated users. Injecting a command in the perf_measure_server_ip parameter, an attacker can execute arbitrary commands. Since the service runs as root, the remote command execution has the same administrative privileges. The remote shell is obtained uploading the payload and executing it. A reverse shell is preferred rather then a bind one, since firewall won't allow (by default) incoming connections. Tested on Hardware version V02A and Firmware version 01.01.02.082.
46cb65000b542aa82162870f00d5dc85d65f04b83be0846b89ed193e6c3a6c0bA vulnerability exists for Gemtek CPE7000 model ID WLTCS-106 which allows unauthenticated remote attackers to retrieve a valid Administrative SID.
b4280a001436ff85b0ae7737bade7383e9b0bd2426d3bfe6ca6176ba8464b94fYasr console screen reader version 0.6.9-5 proof of concept buffer overflow exploit.
b13efe4490faed9031907233af99ea83b8ee18e36470b5ebdb9b4e3e3de1c43eNationBuilder suffers from multiple persistent cross site scripting vulnerabilities.
605c2c3c1032d340f16cd0038f39dd85e6364f17892b876b71724d47ac764bf9IrIran Shopping Script version 4.1 suffers from a cross site scripting vulnerability.
828edab3e7924d0f81c1fce38155f8638c3e73f0a9314ba81f3edfc6c8485c69
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed